How to use the hvac.exceptions function in hvac
To help you get started, we’ve selected a few hvac examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
hvac / hvac / tests / integration_tests / api / auth_methods / test_ldap.py View on Github 
('incorrect tls version', dict(url=MockLdapServer.ldap_url, tls_min_version='cats'), exceptions.InvalidRequest,
"invalid 'tls_min_version'"),
])
def test_configure(self, test_label, parameters, raises=None, exception_message=''):
parameters.update({
'user_dn': MockLdapServer.ldap_users_dn,
'group_dn': MockLdapServer.ldap_groups_dn,
'mount_point': self.TEST_LDAP_PATH,
})
if raises:
with self.assertRaises(raises) as cm:
self.client.auth.ldap.configure(**parameters)
self.assertIn(
member=exception_message,
container=str(cm.exception),
)
else::type path: str | unicode
:param secret: The contents of the "secret" dict will be stored and returned on read.
:type secret: dict
:param mount_point: The "path" the secret engine was mounted on.
:type mount_point: str | unicode
:return: The JSON response of the create_or_update_secret request.
:rtype: dict
"""
# First, do a read.
try:
current_secret_version = self.read_secret_version(
path=path,
mount_point=mount_point,
)
except exceptions.InvalidPath:
raise exceptions.InvalidPath('No value found at "{path}"; patch only works on existing data.'.format(path=path))
# Update existing secret dict.
patched_secret = current_secret_version['data']['data']
patched_secret.update(secret)
# Write back updated secret.
return self.create_or_update_secret(
path=path,
cas=current_secret_version['data']['metadata']['version'],
secret=patched_secret,
mount_point=mount_point,
):type username: str | unicode
:param policies: List of policies associated with the user. This parameter is transformed to a comma-delimited
string before being passed to Vault.
:type policies: list
:param mount_point: The "path" the method/backend was mounted on.
:type mount_point: str | unicode
:return: The response of the register_user request.
:rtype: requests.Response
"""
if policies is None:
policies = []
if not isinstance(policies, list):
error_msg = '"policies" argument must be an instance of list or None, "{policies_type}" provided.'.format(
policies_type=type(policies),
)
raise exceptions.ParamValidationError(error_msg)
params = {
'username': ','.join(username),
}
api_path = '/v1/auth/{mount_point}/users/{name}'.format(
mount_point=mount_point,
name=username,
)
return self._adapter.post(
url=api_path,
json=params,
)def __raise_error(self, status_code, message=None, errors=None):
if status_code == 400:
raise exceptions.InvalidRequest(message, errors=errors)
elif status_code == 401:
raise exceptions.Unauthorized(message, errors=errors)
elif status_code == 403:
raise exceptions.Forbidden(message, errors=errors)
elif status_code == 404:
raise exceptions.InvalidPath(message, errors=errors)
elif status_code == 429:
raise exceptions.RateLimitExceeded(message, errors=errors)
elif status_code == 500:
raise exceptions.InternalServerError(message, errors=errors)
elif status_code == 501:
raise exceptions.VaultNotInitialized(message, errors=errors)
elif status_code == 503:
raise exceptions.VaultDown(message, errors=errors)
else:
raise exceptions.UnexpectedError(message)used. AWS places limits on the maximum TTL allowed. See the AWS documentation on the DurationSeconds
parameter for AssumeRole (for assumed_role credential types) and GetFederationToken (for federation_token
credential types) for more details.
:type ttl: str | unicode
:param endpoint: Supported endpoints:
GET: /{mount_point}/creds/{name}. Produces: 200 application/json
GET: /{mount_point}/sts/{name}. Produces: 200 application/json
:type endpoint: str | unicode
:param mount_point: The "path" the method/backend was mounted on.
:type mount_point: str | unicode
:return: The JSON response of the request.
:rtype: dict
"""
if endpoint not in ALLOWED_CREDS_ENDPOINTS:
error_msg = 'invalid endpoint argument provided "{arg}", supported types: "{allowed_endpoints}"'
raise exceptions.ParamValidationError(error_msg.format(
arg=endpoint,
allowed_endpoints=', '.join(ALLOWED_CREDS_ENDPOINTS),
))
params = {
'name': name,
'role_arn': role_arn,
'ttl': ttl,
}
api_path = '/v1/{mount_point}/{endpoint}/{name}'.format(
mount_point=mount_point,
endpoint=endpoint,
name=name,
)
response = self._adapter.get(
url=api_path,:type metadata: dict
:param policies: Policies to be tied to the entity.
:type policies: str | unicode
:param disabled: Whether the entity is disabled. Disabled entities' associated tokens cannot be used, but are
not revoked.
:type disabled: bool
:param mount_point: The "path" the method/backend was mounted on.
:type mount_point: str | unicode
:return: The JSON response for creates, the generic response object for updates, of the request.
:rtype: dict | requests.Response
"""
if metadata is None:
metadata = {}
if not isinstance(metadata, dict):
error_msg = 'unsupported metadata argument provided "{arg}" ({arg_type}), required type: dict"'
raise exceptions.ParamValidationError(error_msg.format(
arg=metadata,
arg_type=type(metadata),
))
params = {
'name': name,
'metadata': metadata,
'policies': policies,
'disabled': disabled,
}
if entity_id is not None:
params['id'] = entity_id
api_path = '/v1/{mount_point}/entity'.format(mount_point=mount_point)
response = self._adapter.post(
url=api_path,
json=params,
):param environment: The Azure cloud environment. Valid values: AzurePublicCloud, AzureUSGovernmentCloud,
AzureChinaCloud, AzureGermanCloud.
:type environment: str | unicode
:param client_id: The client id for credentials to query the Azure APIs. Currently read permissions to query
compute resources are required.
:type client_id: str | unicode
:param client_secret: The client secret for credentials to query the Azure APIs.
:type client_secret: str | unicode
:param mount_point: The "path" the azure auth method was mounted on.
:type mount_point: str | unicode
:return: The response of the request.
:rtype: requests.Response
"""
if environment not in VALID_ENVIRONMENTS:
error_msg = 'invalid environment argument provided: "{arg}"; supported environments: "{environments}"'
raise exceptions.ParamValidationError(error_msg.format(
arg=environment,
environments=','.join(VALID_ENVIRONMENTS),
))
params = {
'tenant_id': tenant_id,
'resource': resource,
'environment': environment,
}
if client_id is not None:
params['client_id'] = client_id
if client_secret is not None:
params['client_secret'] = client_secret
api_path = '/v1/auth/{mount_point}/config'.format(mount_point=mount_point)
return self._adapter.post(
url=api_path,
json=params,
Popular hvac functions
- hvac.adapters.Request
- hvac.api.auth_methods.Aws
- hvac.api.auth_methods.Ldap
- hvac.api.secrets_engines.Transit
- hvac.api.system_backend.system_backend_mixin.SystemBackendMixin
- hvac.api.SystemBackend
- hvac.api.vault_api_base.VaultApiBase
- hvac.Client
- hvac.exceptions
- hvac.exceptions.Forbidden
- hvac.exceptions.InternalServerError
- hvac.exceptions.InvalidPath
- hvac.exceptions.InvalidRequest
- hvac.exceptions.ParamValidationError
- hvac.exceptions.UnexpectedError
- hvac.exceptions.VaultDown
- hvac.exceptions.VaultError
- hvac.utils
- hvac.utils.deprecated_method
- hvac.utils.format_url